Verified reviews using a contactless card

1. A system, comprising: a processor; and a memory storing instructions which when executed by the processor, cause the processor to: receive, by an application executing on the processor, an indication specifying to generate a review for an entity comprising one or more of a merchant and a service provider; disable, by the application, a submission element of a graphical user interface (GUI) of the application, the submission element operative to submit reviews for publication when enabled; output, by the application in the GUI, an indication specifying to tap a contactless card to the system; receive, by an application programming interface (API) of the application, encrypted data from a communications interface of the contactless card, the encrypted data based on a cryptographic algorithm, a customer identifier, and a private key associated with the contactless card; transmit, by the API of the application to an authentication server associated with the contactless card: (i) the encrypted data, (ii) an application identifier of the application, and (iii) an entity identifier associated with the entity; receive, by the API of the application from the authentication server, indications specifying that the authentication server: (i) decrypted the encrypted data using a copy of the private key associated with the contactless card stored by the server to yield the customer identifier, and (ii) determined that the contactless card was used to make a purchase with the entity based at least in part on the entity identifier and the decrypted customer identifier; enable, by the application based on the indications received from the authentication server, the submission element of the GUI; permit, by the application based on the indications received from the authentication server, generation of the review; and publish, by the application, the review to one or more review platforms associated with the application responsive to receiving selection of the submission element of the GUI.

2. The system of claim 1 , the API of the application further to, prior to the application permitting generation of the review: receive, from the contactless card, transaction data for one or more previous transactions for which the contactless card was used to provide payment information; and determine that the entity identifier is specified in the transaction data for the one or more previous transactions to determine that the contactless card was used to make the purchase with the entity, wherein the contactless card is one of a plurality of contactless cards, wherein the server stores a unique private key for each contactless card.

3. The system of claim 2 , the memory storing instructions which when executed by the processor cause the processor to: identify, by the application, an entity identifier for a second entity in the transaction data for the one or more previous transactions; and output, by the application, an indication to generate a review for the second entity.

4. The system of claim 1 , the memory storing instructions which when executed by the processor cause the processor to: transmit, by the API of the application to the contactless card, a review confirmation specifying that the review was published to the one or more review platforms.

5. The system of claim 4 , the memory storing instructions which when executed by the processor cause the processor to: receive, by the application from the contactless card, the review confirmation specifying that the review was published to the one or more review platforms; transmit, by the application to a point of sale device associated with the entity, the received review confirmation specifying that the review was published to the one or more review platforms; and receive, by the application from the point of sale device based on the review confirmation, an indication of a reward for at least one of: (i) the purchase, and (ii) a subsequent purchase.

6. The system of claim 1 , the memory storing instructions which when executed by the processor cause the processor to: receive, by the API of the application, an indication of a time of the purchase; and determine, by the application, that an amount of time that has elapsed since the time of the purchase does not exceed a threshold amount of time.

7. The system of claim 1 , the memory storing instructions which when executed by the processor cause the processor to: restrict, by the application, publication of the review based on at least one of: (i) receiving an indication that the authentication server did not successfully decrypt the encrypted data, and (ii) receiving an indication that the authentication server determined that the contactless card was not used to make a purchase with the entity.

8. A non-transitory computer-readable storage medium storing instructions which when executed by a processor cause the processor to: receive, by an application executing on the processor, an indication specifying to submit a review for an entity comprising one or more of a merchant and a service provider; disable, by the application, a submission element of a graphical user interface (GUI) of the application, the submission element operative to submit reviews for publication when enabled; output, by the application, an indication specifying to tap a contactless card to a device; receive, by an application programming interface (API) of the application, encrypted data from a communications interface of the contactless card, the encrypted data based on a cryptographic algorithm, a customer identifier, and a private key associated with the contactless card; transmit, by the API of the application to an authentication server associated with the contactless card: (i) the encrypted data, (ii) an application identifier of the application, and (iii) an entity identifier associated with the entity; receive, by the API of the application from the authentication server, indications specifying that the authentication server: (i) decrypted the encrypted data using a copy of the private key associated with the contactless card stored by the server to yield the customer identifier, and (ii) determined that the contactless card was used to make a purchase with the entity based at least in part on the entity identifier and the decrypted customer identifier; enable, by the application based on the indications received from the authentication server, the submission element of the GUI; permit, by the application based on the indications received from the authentication server, submit of the review; and publish, by the application, the review to one or more review platforms associated with the application responsive to receiving selection of the submission element of the GUI.

9. The non-transitory computer-readable storage medium of claim 8 , the API of the application further to, prior to the application permitting generation of the review: receive, from the contactless card, transaction data for one or more previous transactions for which the contactless card was used to provide payment information; and determine that the entity identifier is specified in the transaction data for the one or more previous transactions to determine that the contactless card was used to make the purchase with the entity, wherein the contactless card is one of a plurality of contactless cards, wherein the server stores a unique private key for each contactless card.

10. The non-transitory computer-readable storage medium of claim 9 , storing instructions which when executed by the processor cause the processor to: identify, by the application, an entity identifier for a second entity in the transaction data for the one or more previous transactions; and output, by the application, an indication to generate a review for the second entity.

11. The non-transitory computer-readable storage medium of claim 8 , storing instructions which when executed by the processor cause the processor to: transmit, by the API of the application to the contactless card, a review confirmation specifying that the review was published to the one or more review platforms.

12. The non-transitory computer-readable storage medium of claim 11 , storing instructions which when executed by the processor cause the processor to: receive, by the application from the contactless card, the review confirmation specifying that the review was published to the one or more review platforms; transmit, by the application to a point of sale device associated with the entity, the received review confirmation specifying indication that the review was published to the one or more review platforms; and receive, by the application from the point of sale device based on the review confirmation, an indication of a reward for at least one of: (i) the purchase, and (ii) a subsequent purchase.

13. The non-transitory computer-readable storage medium of claim 8 , storing instructions which when executed by the processor cause the processor to: receive, by the API of the application, an indication of a time of the purchase; and determine, by the application, that an amount of time that has elapsed since the time of the purchase does not exceed a threshold amount of time.

14. The non-transitory computer-readable storage medium of claim 8 , storing instructions which when executed by the processor cause the processor to: restrict, by the application, publication of the review based on at least one of: (i) receiving an indication that the authentication server did not successfully decrypt the encrypted data, and (ii) receiving an indication that the authentication server determined that the contactless card was not used to make a purchase with the entity.

15. A method, comprising: receiving, by an application executing on a processor of a device, an indication specifying to generate a review for an entity comprising one or more of a merchant and a service provider; disabling, by the application, a submission element of a graphical user interface (GUI) of the application, the submission element operative to submit reviews for publication when enabled; outputting, by the application in the GUI, an indication specifying to tap a contactless card to the device; receiving, by an application programming interface (API) of the application from a communications interface of the contactless card, encrypted data generated by the contactless card based on a cryptographic algorithm, a customer identifier, and a private key associated with the contactless card stored in a memory of the contactless card; transmitting, by the API of the application to an authentication server associated with the contactless card: (i) the encrypted data, (ii) an application identifier of the application, and (iii) an entity identifier associated with the entity; receiving, by the API of the application from the authentication server, indications specifying that the authentication server: (i) decrypted the encrypted data using a copy of the private key associated with the contactless card stored by the server to yield the customer identifier, and (ii) determined that the contactless card was used to make a purchase with the entity based at least in part on the entity identifier and the decrypted customer identifier; enabling, by the application based on the indications received from the authentication server, the submission element of the GUI; permitting, by the application based on the indications received from the authentication server, generation of the review; and publishing, by the application, the review to one or more review platforms associated with the application responsive to receiving selection of the submission element of the GUI.

16. The method of claim 15 , the memory of the contactless card storing transaction data for one or more previous transactions, the method further comprising prior to the application permitting generation of the review: receiving, by the API of the application from the contactless card, transaction data for one or more previous transactions for which the contactless card was used to provide payment information; and determining, by the API of the application, that the entity identifier is specified in the transaction data for the one or more previous transactions to determine that the contactless card was used to make the purchase with the entity, wherein the contactless card is one of a plurality of contactless cards, wherein the server stores a unique private key for each contactless card.

17. The method of claim 16 , further comprising: identifying, by the application, an entity identifier for a second entity in the transaction data for the one or more previous transactions; and outputting, by the application, an indication to generate a review for the second entity.

18. The method of claim 15 , further comprising: transmitting, by the API of the application to the contactless card, a review confirmation specifying that the review was published to the one or more review platforms.

19. The method of claim 18 , further comprising: receiving, by the application from the contactless card, the review confirmation specifying that the review was published to the one or more review platforms; transmitting, by the application to a point of sale device associated with the entity, the received review confirmation specifying that the review was published to the one or more review platforms; and receiving, by the application from the point of sale device based on the review confirmation, an indication of a reward for at least one of: (i) the purchase, and (ii) a subsequent purchase.

20. The method of claim 15 , further comprising: restricting, by the application, publication of the review based on at least one of: (i) receiving an indication that the authentication server did not successfully decrypt the encrypted data, and (ii) receiving an indication that the authentication server determined that the contactless card was not used to make a purchase with the entity.